0078e0483d3447a465f71d6bbdab5c799cad2e57c221ec1d639d235b0ffced55

Sharing

Copy URL

Twitter E-mail

General

Target

wordpress-6.2 (1).zip
Size

23.4MB
Sample

240204-whdtbshfgr
MD5

354e81106f8197b2b4bbc33a752caa2f
SHA1

31f07bd10988cec96ebcb1fd2410ef222c505504
SHA256

0078e0483d3447a465f71d6bbdab5c799cad2e57c221ec1d639d235b0ffced55
SHA512

fee7a15a77785e923b08f9d51a9769fe21153ac56eda1e7f603a26449294070a72bf93e85df17cfc7e000e89e5638124216668bfa5bb71c81171fc1b779b8b88
SSDEEP

393216:BcqJLf/m1nYOT8eq1AS/rZW6YIDvxTonYLmQ4IzpynQ3jWtZErjhzl:BcPYOTDanVW6dxTonYLvAQ3jWUrjFl

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

http://api.wordpress.org/plugins/info/1.2/

Targets

- Target
  
  wordpress/readme.html
- Size
  
  7KB
- MD5
  
  5e408385ba5baad561f45380dba623aa
- SHA1
  
  82028329e5779f21700ca6c68c74f8ede0012b10
- SHA256
  
  94d15828ce2cb0d491b579106af13fa12aa79591b58f2b554e873717efd0c1f5
- SHA512
  
  23068223ec118cc249cdae9f07e54c18fb0f4b7d1488a48afbebbd1a3fae7a7936368aad9cb88a9f366a17600434fc0864dcef4250d13f0c486b82bfe5a1206a
- SSDEEP
  
  96:4UK8pz1E/4kF5kyJ0ifN8uueKQeth4wtcwYKuID9kKCZxjD+9+25tdLwGg1IZz6+:68/SVPmui3C/Da7d0euCidI
Score

1^/10
behavioral1 behavioral2
- Target
  
  wordpress/wp-admin/admin-header.php
- Size
  
  8KB
- MD5
  
  6cf9030deced5093707fb0ed5f135aca
- SHA1
  
  12d23dda690e9ea73d31286d0ef83f8d8fc879d5
- SHA256
  
  7edf2bd80117c1cbda7ec2d0dd8850c68a2ed4634286404afef202a832e370ff
- SHA512
  
  7ea967fbe847fcab5e3fb207b94ab104673510fbf2670641b2b31bcac9a799fd9b8a7b3aa137bd848ecb6add3e606f193573a23e9d3ea6e73e0c0087c5c3699e
- SSDEEP
  
  192:h/H43xQB/m4TxUIddqqQsY65ifPyWoAXZPXt/VC46q:943xQB/myyYd5iD/VCXq
Score

1^/10
behavioral3 behavioral4
- Target
  
  wordpress/wp-admin/async-upload.php
- Size
  
  4KB
- MD5
  
  f051354b8265bfc5b95c542372ea8a00
- SHA1
  
  fc73711b93b0255b263f031d85a52f664ebb00c2
- SHA256
  
  7dfab663df16c2d8d25834b7368b9632001abcfe6662478e6205a7cc5614d739
- SHA512
  
  e686eace9c55e5825751e0d04d86d3e60e191b011f4cd7e76ff60cba709744eafc616fa828b3e9a5eb0847389f7454b656d739e2ec2b81e6c68c27dc312365f8
- SSDEEP
  
  96:tKikv2f2NpGSrpPaxACeP8M4RoOqg754Vo6vngDnVovMmDhscCJgjE0ZDW9QgM:t7Vf2gx4P8HCil+f+QE0ZD9
Score

1^/10
behavioral5 behavioral6
- Target
  
  wordpress/wp-admin/import.php
- Size
  
  7KB
- MD5
  
  c52cf454b02044e33ec87565488c0424
- SHA1
  
  5c464db5a361f400090789c95617138260b49833
- SHA256
  
  3fa28a31b73a2472d925724bef64e898260f2cf98543fe946927719f8a4daab3
- SHA512
  
  c47052b0adceebbefab7076a3798133539877dcad9b1c06b9c407bc70a0468824e0a4aa0367ffc821ff4708ebf12645607ce57eb5464cec41e3ea43f1c67668b
- SSDEEP
  
  192:Prngb3a4uPHNqdiDOPzAwWF2VpflBd5AKscX8:bgj4lzoALIVZgK7X8
Score

1^/10
behavioral7 behavioral8
- Target
  
  wordpress/wp-admin/includes/ajax-actions.php
- Size
  
  146KB
- MD5
  
  7cd82b94b7dc637f3dba2375016926ac
- SHA1
  
  bafeb0ff9d26ec5b65c020ebcc9e7b014d6cb890
- SHA256
  
  f8b2da58516314cb68edeec8c9c4356530885af58578252e4bc715c06c149559
- SHA512
  
  454f9301e9d24ebaaf4dc1f630322953833a848eb3a87fc46b9fc52e3b347ec459d5a8bf62bc27ccefb86e5f6a1eb1f0f1278434bef455c623830dbbecfadd1d
- SSDEEP
  
  3072:IH5V6+oIpmMEnwxqpSufwBZBE8qvTlgMEx+6B1KL4hBCQ/fWbzo2042kUI:IHppSXfwnkvpgMEx+6DK0MzDdZ
Score

1^/10
behavioral10 behavioral9
- Target
  
  wordpress/wp-admin/includes/class-core-upgrader.php
- Size
  
  14KB
- MD5
  
  4097fae4351cc9f517938db0d5aa847a
- SHA1
  
  4e714e18c9a50fa7ae8406090161b22498a1b53f
- SHA256
  
  cda2a0f071d3fe710e0071acc5351bb4f9497a818436a87698fc5ea00eb50eb2
- SHA512
  
  e7db1a3b226c6e3a223ca984756b75af252c9dae30e79faa8cd3d73704df436e3b2974ef4bdb9dc59f0230ec3e30b2b7292cdd99bb780a7df607150a7643e7f9
- SSDEEP
  
  384:7zqcqG+B2xDayguDNt8sBLXkcRgOkhONNVDUPpj+DQU3jSXGpCm5K+RgVclSK:7+HG+IxeahtVBLXZRgOkhOPVyj+UcjSq
Score

1^/10
behavioral11 behavioral12
- Target
  
  wordpress/wp-admin/includes/class-custom-image-header.php
- Size
  
  47KB
- MD5
  
  76e9ebe99201c9e85391168dee5e2248
- SHA1
  
  adf79d30a266128c779a41760522ccddb3a52a71
- SHA256
  
  2246f9f952883e18def608629f26df12fa918167d090b019cb6bce31d4e92d4a
- SHA512
  
  d90654b901b555357098978163504dd231170e8d02335331fed3126b84b4a0ef03f7be3e539abb81f3c329f6babce9e2e9964f2b8330dd34a527e13a144d82b2
- SSDEEP
  
  768:dpTRqi9461Sk9evuVz/B3meHlejG3+tTlkJJvn1YcQVO9vuxwOYQ:dp4i94ESk9evo/NmeHleS3+tTsJvqGvi
Score

1^/10
behavioral13 behavioral14
- Target
  
  wordpress/wp-admin/includes/class-ftp.php
- Size
  
  26KB
- MD5
  
  6350cf6a7b22dee09bcaeb23d8203e57
- SHA1
  
  0344465c751d7b27da74604bba88bd5a15e7df9c
- SHA256
  
  ce4845b53a9b556a6593336862632cb730ec8500ce866468af0980098a301043
- SHA512
  
  a4b09a2cb4e46d3ddf392035cdb22a59fe4886f1cb5c3c86d54770de2a6f0cc5c490f4115fe3bc3841531446855876f0de535ed1c58927f485c8fac9dafb6efd
- SSDEEP
  
  768:W6q1jqhlXzMgIfGsObD5gOemrLzrRULLKrZoSV:XcKD5gurrdoSV
Score

1^/10
behavioral15 behavioral16
- Target
  
  wordpress/wp-admin/includes/class-language-pack-upgrader.php
- Size
  
  14KB
- MD5
  
  637e8ccab7054344e0b5116a249b593a
- SHA1
  
  33489feacb19cff3630931c4d7443bb90fc97fea
- SHA256
  
  3ad117762436db5551449da10d0605b46d6b964f6c3158893d4aba9302c6a00b
- SHA512
  
  b055321c6af178a3fb361fef6b69df3f1941fbf10581c7e69af0591ce3d30206a5db2b53e6d7eaf4115e75a4152b76449f5c4dc62ae3922ce2c714e2522e90be
- SSDEEP
  
  384:3Zd8ZB0xzy1gcPGrknK/P9CnYgUYBhriIk3EXhWUtoPWTl:3ZyUxzy1LPGrknK/P9CnYgUWk3EXhWUP
Score

1^/10
behavioral17 behavioral18
- Target
  
  wordpress/wp-admin/includes/class-pclzip.php
- Size
  
  192KB
- MD5
  
  29f34168b7384cca58ba64885461e115
- SHA1
  
  9e6265cc47b43e94e26243dbf1d67b5eb9e3788a
- SHA256
  
  e82876116d18e46e4973e97d14604ac4a2dca876ec34c55f540b37f40cd3ae1f
- SHA512
  
  615be73131e747bc760fa4b749c951e733f436e901fef83d536547b7e0dd97de62af618086e698ae6c281b418c7b2c9a401983176bd98410446e40a8d8791c6b
- SSDEEP
  
  3072:ndHhMRpR+I54lATTt6RRbxWJjZK3+YUZn5Pw:ndpI54lgTt6RRbxWBZK3+YUZn5Y
Score

1^/10
behavioral19 behavioral20
- Target
  
  wordpress/wp-admin/includes/class-wp-automatic-updater.php
- Size
  
  51KB
- MD5
  
  1490be5bcbd5ddbcb49939f46e845701
- SHA1
  
  eecfff11c7cbf69b3d99048009e9c8d26071ae57
- SHA256
  
  8314aa0736df73bf6391504631b93b88fba54a061808bbb3dbcf51987f8cbf5a
- SHA512
  
  f9e60543f2ab1543c15c07f0724d79067c39d17d9218b83a855a357604a91f546696a8c60f5e6b665f6f520dc290d33667bc47b45b35b8b68b389b0c2393eecc
- SSDEEP
  
  1536:aoX3e4Q3/3KbyI9Pv3+HEjJ0QAUXs7Xpvdp/XxQDKMrEXh:O3/imHcJ0QAUXs7XFXxQDKxXh
Score

1^/10
behavioral21 behavioral22
- Target
  
  wordpress/wp-admin/includes/class-wp-comments-list-table.php
- Size
  
  30KB
- MD5
  
  8c282d029cb93013ecae9d72adf2cd05
- SHA1
  
  f9cf27a273567477980665289bd3d87ce3d9183d
- SHA256
  
  3c3ffd1f539a65c904dc21aead6b70ea9aee5acb11848eabfe894be3288e013c
- SHA512
  
  1c2b9381420c83679f3a5bffbd12b50f0173bc4754ccb950b5ab0bd2cec6778b4c0e3aaea7091c53541a676b3a9ab70226a32849093d4aec25ccd3dd6d1c6643
- SSDEEP
  
  768:v+Dx/gKKHtjxCNOkVTZRCcR48d0dPNTV9XnD+/jDBl+YabPqYM:UgKKHtjxCNOkVT37RHC1xLXsKbrM
Score

1^/10
behavioral23 behavioral24
- Target
  
  wordpress/wp-admin/includes/class-wp-debug-data.php
- Size
  
  58KB
- MD5
  
  db642d59511551dac3cd521e909eeabf
- SHA1
  
  6ebefebc8705ae12d446e3f68381e8b14df3dff9
- SHA256
  
  265ca68390aaeebfbd6fc624e6ea17de8733257a77975efba892168f3ad44577
- SHA512
  
  76fa53786e9a7a78ad5d1f10d72a09d479e864bda8dd58aa162692201f412d8c7f8e894458fbdd4a28f404f4d67c1689aa0312b02a174656ac887ac462b16d79
- SSDEEP
  
  768:Sk5Qd+L/lK+p2NXkQMkWX1+g2Q8QkF9ud0tGOId1Inz/pHPTyDyMDDGFz9:SCQNXkQMkWX1+g2Q8QkF9s06+5PTkWR
Score

1^/10
behavioral25 behavioral26
- Target
  
  wordpress/wp-admin/includes/class-wp-filesystem-ftpsockets.php
- Size
  
  16KB
- MD5
  
  49f00f88cbb91af037495631dc48b404
- SHA1
  
  c21bab5039c2044f3c013cb458ce7392a67f0e3e
- SHA256
  
  01fbdd5a2260a166bbbd90485353dbe8746257caa99e30414caccc9c022f23b2
- SHA512
  
  0b399b996cad6ec1037ce5b07dfdd6bda832df1083e0cdad741c7e3b3f6c9bbe4e8945461af57ef649e7b997791dd7bb56696a4cd6ab7d784fdaec175c3caa88
- SSDEEP
  
  192:BpKs0c/JSGMbhS/hRSX8uhBL5if9x5xPfQZ:BT/RMbOXWBL5p
Score

1^/10
behavioral27 behavioral28
- Target
  
  wordpress/wp-admin/includes/class-wp-internal-pointers.php
- Size
  
  4KB
- MD5
  
  28c8bca6cd016b2de1b5a9c8ac22cdd9
- SHA1
  
  145d2dc8863e4b603a414c55875f3ff64880b1c7
- SHA256
  
  562fc7c8c484761bede01b839c4cd4f2b8ca0e8af347646525ae9124554a51ac
- SHA512
  
  f023a722ee25464101f46700a1517c280b1d6e619faf2bd0679e8e4e710cfd18e39db337a023b4fdd5139cabb383f7fa41ecc49be5e43e4db223353e0672a34c
- SSDEEP
  
  96:6zONxqenrEHribFXgUxKrjpU4uHG7SNdS5XZEGbgd:6a6QEHWbOUxKPTCSnm
Score

1^/10
behavioral29 behavioral30
- Target
  
  wordpress/wp-admin/includes/class-wp-list-table.php
- Size
  
  43KB
- MD5
  
  80f0ccb8de90a5f3699210a013f97d65
- SHA1
  
  fa633e21cf45c7f9c89436b81bcd2d68b0add331
- SHA256
  
  ab530d66abeedf0192d40f2fd1afa9e5f0367844ad55fc6e86c0e2e9673c6678
- SHA512
  
  e1dc141c3fd9cf8aa37028162ac8a834e5a963eb6f16a90a5828a9a21f8666a340c8f35fb859f16738d063bd6be6f13f5486a7d5a06f7000dda70c7b2cc574d4
- SSDEEP
  
  768:ljPOtfiUK2GxpsevJypEqtBs9WgCCwie902XvOVZK1QmkJJ2dt7ae:YtfiUK2cpsevJypbtBs9WgCCwie902fF
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32